Primary

Context

Microsoft Excel Type Confusion Vulnerability Leading to Remote Code Execution

Vulnerability

A type confusion vulnerability has been identified in Microsoft Office Excel. This issue allows an unauthorized attacker to execute code locally by accessing a resource using an incompatible type. The vulnerability affects several versions of Microsoft Excel, including Excel 2016, as well as various Microsoft Office LTSC and Microsoft 365 Apps for Enterprise editions.

Impact

Exploitation of this vulnerability allows for remote code execution on the affected system.

Remediation

Users can apply the security update provided by Microsoft to address this vulnerability. Instructions for downloading the update are available on the Microsoft Office Update page.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.4

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.4

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microsoft Excel Type Confusion Vulnerability Leading to Remote Code Execution

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating